ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

Wireless Configuration

4-7

v1.0, October 2008

1.

From your Web browser, log in to the SRXN3205 using its default address of

.

2.

Use the default user name of

admin

and default password of

password

— or use a new LAN

address and password if you have set them up.

3.

Select

Network Configuration

>

Wireless Settings

from main/submenu.

4.

In the

Wireless Settings e

nsure the Auto (default) is set for the Channel feature.

This feature selects a channel that has the least interference. It should not be necessary to

change the wireless channel unless you notice interference problems or are near another

wireless access point. Select a channel that is not being used by any other wireless networks

within several hundred feet of your VPN firewall.

5.

Record the name used for SSID and then Disable the

Allow Broadcast of Name (SSID).

6.

Click

Apply

to save any changes

7.

Prepare PC(s) as the wireless PC Client(s) with wireless Ethernet adapters installed.

8.

Configure the Client PCs to obtain the IP

and

DNS addresses automatically using the internal

DHCP server (DHCP is the default firewall setting).

9.

Configure the wireless adapters of your Client PCs to have the same SSID you configured in

the SRXN3205.

10.

Using this Client PCs, verify these PCs have a wireless link by trying to access a file or a

printer on the LAN connected to the SRXN3205.

11.

Once you have verified wireless connectivity to the SRXN3205, you can configure the

wireless security functions. Refer to

“Wireless Security Types and Settings” on page 4-8

.

Note:

The SSID of a client computer must match what you configured in the firewall.

If these do not match, you will not get a wireless connection to the SRXN3205.

Note:

If you are configuring the SRXN3205 from a wireless computer, you will lose

your wireless connection when you click Apply to update settings. You will

then need to update the wireless settings of your computer accordingly.

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

4-8

Wireless Configuration

v1.0, October 2008

Wireless Security Types and Settings

Configure the Wireless Security Types based on the level of security you need using one of the

following methods and print out the form provided to aid you in making your selections:

•

Print out the

“SSID and WEP/WPA Settings Setup Form” on page 4-9

•

To configure WEP encryption for Open Systems or Shared Key, see

“Configuring WEP”

on page 4-11

.

•

To configure WPA-PSK, see

“Configuring WPA-PSK” on page 4-12

.

•

To configure WPA2-PSK, see

“Configuring WPA2-PSK” on page 4-12

.

•

To configure WPA-PSK and WPA2-PSK, see

“Configuring WPA-PSK and WPA2-PSK”

on page 4-13

.

•

To configure WPA with RADIUS, see

“Configuring WPA with RADIUS” on page 4-13

.

•

To configure WPA2 with RADIUS, see

“Configuring WPA2 with RADIUS” on

page 4-14

.

•

To configure WPA and WPA2 with RADIUS, see

“Configuring WPA and WPA2 with

RADIUS” on page 4-15

Use the Wireless Security Type section in the Wireless Settings menu to select the desired security

method, but the balance of the security settings are set in the following main menus:

•

Go to

“Firewall Security and Content Filtering” in Chapter 5

for the

Security

menu settings

•

Go to

“Virtual Private Networking Using IPsec” in Chapter 6

for the

VPN IPsec

tunnel

settings

•

Go to

“Virtual Private Networking Using SSL” in Chapter 7

for the

VPN SSL

tunnel settings

•

Go to

“Managing Users, Authentication, and Certificates” in Chapter 8

for the

Users

menu

•

Go to

“Firewall and Network Management” in Chapter 9

for the

Administration

menu

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

Wireless Configuration

4-9

v1.0, October 2008

SSID and WEP/WPA Settings Setup Form

802.11b/g/n Configuration

For a new wireless network, print or copy this form and fill in the configuration parameters. For an

existing wireless network, the person who set it up or is responsible for the network will be able to

provide this information. Be sure to set the Regulatory Domain correctly as the first step.

•

SSID

:

The Service Set Identification (SSID) requires the identity or name of the wireless local

area network.

NETGEAR

is the default SRXN3205 SSID. However, you may customize it by

using up to 32 alphanumeric characters. Write your customized SSID on the line below.

___________________________________

Note:

The SSID in the VPN firewall is the SSID you configure in the wireless adapter card.

All wireless nodes in the same network must be configured with the same SSID:

•

Authentication:

Circle one: Automatic, Open System, or Shared Key. (Choose Shared Key for more security.)

Note:

If you select shared key, the other devices in the network will not connect unless they

are set to Shared Key as well and have the same keys in the same positions as those in the

SRXN3205.

•

WEP Encryption Keys.

Circle one: 64, 128, or 152 bits. (Enter all four 802.11a/n keys for the Key Size chosen.)

Key 1: ___________________________________

Key 2: ___________________________________

Key 3: ___________________________________

Key 4: ___________________________________

•

WPA-PSK (Preshared Key)

Record the WPA-PSK key. Key: ___________________________________

•

WPA RADIUS Settings.

For WPA, record the following settings for the primary and

secondary RADIUS servers:

Server Name/IP Address: Primary _________________

(Secondary __________________

?)

RADIUS Port: ___________________________________

Shared Key: ___________________________________

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

4-10

Wireless Configuration

v1.0, October 2008

802.11a/n Configuration

For a new wireless network, print or copy this form and fill in the configuration parameters. For an

existing wireless network, the person who set up or is responsible for the network will be able to

provide this information. Be sure to set the Regulatory Domain correctly as the first step.

•

SSID

:

The Service Set Identification (SSID) requires the identity or name of the wireless local

area network.

NETGEAR

is the default SRXN3205 SSID. However, you may customize it by

using up to 32 alphanumeric characters. Write your customized SSID on the line below.

___________________________________

Note:

The SSID in the VPN firewall is the SSID you configure in the wireless adapter card.

All wireless nodes in the same network must be configured with the same SSID:

•

Authentication

Circle one: Automatic, Open System, or Shared Key. Choose Shared Key for more security.

Note:

If you select shared key, the other devices in the network will not connect unless they

are set to Shared Key as well and have the same keys in the same positions as those in the

SRXN3205.

•

WEP Encryption Keys

Circle one: 64, 128, or 152 bits. (Enter all four 802.11b/g/n keys for the Key Size chosen.)

Key 1: ___________________________________

Key 2: ___________________________________

Key 3: ___________________________________

Key 4: ___________________________________

•

WPA-PSK (Preshared Key)

Record the WPA-PSK key. Key: ___________________________________

•

WPA RADIUS Settings.

For WPA, record the following settings for the primary and

secondary RADIUS servers:

Server Name/IP Address: Primary _________________

(Secondary __________________

?)

RADIUS Port: ___________________________________

Shared Key: ___________________________________

Use the procedures described in the following sections to configure the SRXN3205. Store this

information in a safe place.

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

Wireless Configuration

4-11

v1.0, October 2008

Configuring WEP

To configure WEP data encryption in the Wireless Settings menu:

1.

Click the

WEP

radio button on the left to enable WEP data encryption.

When you select the WEP data encryption, only the feature selections for WEP are made

active on screen, while the other options and features remain grayed out.

2.

In the Authentication drop-down menu, choose Automatic, Open System, or Shared Key

authentication.

3.

In the Encryption drop-down menu, select the encryption strength: 64 bit WEP, 128 bit WEP,

or 152 bit WEP.

4.

Enter a value in the

WEP Passphrase

text box to automatically program the four data

encryption keys. You can also program the four keys manually.

These values must be identical on all PCS and VPN firewalls in your network.

•

Automatically – Enter a word or group of printable characters in the form of 10 digits for

64-bit, 26 digits for 128-bit, or xx digits for 152-bit, in any combination of 0-9, a-f, or A-F

characters.

•

Select which of the four keys will be the default by clicking on the

Radio button

next

to the key. Data transmissions are always encrypted using the default key.

•

When done, click the

Generate

button and the four key boxes will be automatically

populated with key values.

•

Manually – Enter the number of hexadecimal digits appropriate to the encryption strength

for each of the four keys:

•

The number should be 10 digits for 64-bit, 26 digits for 128-bit, or xx digits for 152-

bit, in any combination of 0-9, a-f, or A-F characters.

•

Select which of the four keys will be the default by clicking on the

Radio

button next

to the key. Data transmissions are always encrypted using the default key.

See the document “Wireless Communications” for a full explanation of each of these options,

as defined by the IEEE 802.11 wireless communication standard. A link to this document on

the NETGEAR website is in

Appendix B, “Related Documents

.”

5.

Click

Apply

to save your settings.

Note:

Your wireless connection will drop when you click Apply. Reconfigure your

wireless adapter to match the new settings or access the VPN firewall from a

wired computer to make any further changes.